0

The No-PII user registration JWT for adding a user in Twilio's authy requires us to build a JWT from scratch.

I tried looking everywhere on how to get a JWT created using Google Apps Script but wasn't to find the right way to make that happen. It specifically needs to be of HS256 alg.

I require the final payload to look exactly like this -

// Example Payload
{
  "iss": "My Authy App",
  "iat": 1554395479,
  "exp": 1554395879,
  "context": {
    "custom_user_id": "3YgAIZklGPHmwpJfIC0PDy0E7l763OF3BHZo1p2xKhY",
    "authy_app_id": "1111111"
  }
}

// Example Header
{
  "alg": "HS256",
  "typ": "JWT"
}

Can someone please help me with this or perhaps point me to an appropriate article/documentation for this??

TheMaster
  • 45,448
  • 6
  • 62
  • 85
  • 1
    Have you tried using what's available here? - https://wtfruby.com/gas/2018/11/21/jwt-app-scripts.html This was on my top 3 results when I googled for a `JWT using Google Apps Script` :) – Sourabh Choraria Oct 02 '19 at 08:22
  • 1
    Oh! This is perfect. Someone ought to make this into a library and publish it as a Gist :) –  Oct 02 '19 at 08:40
  • The common [oAuth library](https://github.com/gsuitedevs/apps-script-oauth2/blob/7fb414e2786de44231dfd7ef431032352e6c71a1/src/Service.js#L699) has jwt support. You just need to setPrivateKey() to start jwt flow. Any additional claims can be added with setAdditionalClaims. See [sample](https://github.com/gsuitedevs/apps-script-oauth2/blob/master/samples/GoogleServiceAccount.gs) – TheMaster Oct 02 '19 at 09:27
  • On re-reading, you'd need ``HMAC(HS256)`` instead of ``RSA(RS256)``. The library defaults to `RS256` and can't be changed. Though you could still use the linked code in the library as a sample. – TheMaster Oct 02 '19 at 09:46

1 Answers1

-1

The general syntax for URL fetch with Google Apps Script is the following:

var body={
  "iss": "My Authy App",
  "iat": 1554395479,
  "exp": 1554395879,
  "context": {
    "custom_user_id": "3YgAIZklGPHmwpJfIC0PDy0E7l763OF3BHZo1p2xKhY",
    "authy_app_id": "1111111"
  };
var header={
  "alg": "HS256",
  "typ": "JWT"
};
var url='YOUR URL';
var options={
  method: 'POST',
  headers: header,
  muteHttpExceptions: true,
  contentType: 'application/json',
  payload: JSON.stringify(body)
};
var response=UrlFetchApp.fetch(url, options);

According to the documentation link you provided, you might need to provide an API key. In this case, you URL should be something like var url=basicURL+"apikey="+XXX

I do not have a Twilio account to test it, but the sample provided above is the general procedure for Apps Script and you can find more references under the following links:

ziganotschka
  • 25,866
  • 2
  • 16
  • 33
  • 1
    [Last link](https://developers.google.com/google-ads/scripts/docs/examples/twilio) doesn't work. `jwt` requires algorithm to sign the payload. – TheMaster Oct 02 '19 at 09:42